Solved: thousands of user roles

urtho · ‎12-13-2011

Hi,

Let's say I have 2000 virtual servers, one for each customer.
I want to give access to Splunk to each customer and limit him only to his virtual server data.

Do I spread data across 2000 indexes - one per customer/server and create 2000 roles and limit each role/customer to his index ?

Or

Do I create 2000 roles and limit each to a single host in the search ?

Or

Any other simpler way ? 😄

Urtho,

MHibbin · ‎12-13-2011

urtho,

This is an interesting topic, and the following Splunk Blog maybe able to assist you on you choices...

http://blogs.splunk.com/2011/11/04/splunk-and-multitenancy/

Hope this helps answer your question.

If it does answer your question, please mark the answer as accepted to assist the community.

Regards,

MHibbin

View solution in original post

MHibbin · ‎12-13-2011

urtho,

This is an interesting topic, and the following Splunk Blog maybe able to assist you on you choices...

http://blogs.splunk.com/2011/11/04/splunk-and-multitenancy/

Hope this helps answer your question.

If it does answer your question, please mark the answer as accepted to assist the community.

Regards,

MHibbin

thousands of user roles

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Using Machine Learning for Hunting Security Threats